File Analyzers (noob help)


Aquatic
February 25th, 2003, 15:38
I want to unpack a .exe that I have so that I can get more referenced text strings from Win32Dasm.

When I launch 90% of file analyzers to determine the protection on the .exe the analyzer program will just flash a DOS box and then it will disappear...so how the fek am I supposed to use it?

(There seems to be no GUI for any of these File Analyzers).

Bengaly
February 25th, 2003, 15:44
Use PEIDentifier 0.8 by snaker (could be a newer version, dunno), it's a good tool

Aquatic
February 25th, 2003, 15:58
Hmm. I could only find v0.7 of that program, and it doesn't tell me what protection/packer is being used...etc

squidge
February 25th, 2003, 16:26
Most analysers need to be run from the DOS command line. PEID will run from Windows, but make sure to use the options (e.g. normal/deep/hardcore search).

0.8 is on Protools.

Clandestiny
February 27th, 2003, 21:58
It's not necessary to know what packer was used in order to unpack something (/tracex + a small dose of brain power does wonderful things, you know).

No seriously, if you look at your target in a PE editor sometimes the names of the sections can give you a clue about the packer used. Similarly, you can also sometimes find strings in a raw hex dump that will provide clues.

Cheers
Clandestiny
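
The section-name check described in the last post, as an added example that is not part of the original thread: it reads the PE section table directly and matches names against a short list that a few well-known packers leave behind. The name list, the function names and the header-only sample image are assumptions constructed for illustration; a renamed section defeats the check.

```python
import struct

# Section names a few well-known packers leave behind (heuristic only).
PACKER_SECTIONS = {
    "UPX0": "UPX", "UPX1": "UPX", "UPX2": "UPX",
    ".aspack": "ASPack", ".adata": "ASPack",
    ".petite": "Petite",
    ".MPRESS1": "MPRESS", ".MPRESS2": "MPRESS",
}

def section_names(data: bytes) -> list[str]:
    """Return the section names from a PE image's section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                      # 20-byte COFF file header
    if coff + 20 > len(data):
        raise ValueError("truncated COFF header")
    (nsect,) = struct.unpack_from("<H", data, coff + 2)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)   # SizeOfOptionalHeader
    table = coff + 20 + opt_size             # section table follows optional header
    names = []
    for i in range(nsect):
        raw = data[table + i * 40: table + i * 40 + 8]   # 8-byte name field
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names

def guess_packers(data: bytes) -> set[str]:
    """Packers suggested by section names; empty set means no known name."""
    return {PACKER_SECTIONS[n] for n in section_names(data) if n in PACKER_SECTIONS}

def build_sample(names: list[str]) -> bytes:
    """Constructed header-only PE image carrying the given section names."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode().ljust(40, b"\0") for n in names)
    return dos + b"PE\0\0" + coff + table

if __name__ == "__main__":
    sample = build_sample(["UPX0", "UPX1", ".rsrc"])       # constructed input
    print(section_names(sample), guess_packers(sample))
```

To check a real file, pass `open(path, "rb").read()` to `guess_packers`; an empty result only means none of the listed names were present.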